CVE-2017-9359

Priority
Description
The multi-part body parser in PJSIP, as used in Asterisk Open Source 13.x
before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before
13.13-cert4, and other products, allows remote attackers to cause a denial
of service (out-of-bounds read and application crash) via a crafted packet.
Notes
Package
Upstream:released (2.5.5~dfsg-6)
Ubuntu 14.04 ESM:DNE (trusty was released [2.1.0.0.ast20130823-1+deb8u1build0.14.04.1])
Patches:
More Information

Updated: 2022-04-13 13:07:33 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)